upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-05-28 04:32:30 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 25

fix(settings): add link check in webfinger

Browse source 
Signed-off-by: 諏訪子 <suwako@076.moe>
This commit is contained in:
諏訪子 2025-05-26 09:58:50 +09:00 committed by backportbot[bot]
parent 3817a4b445
commit 1a2f69e0e7
1 changed files with 17 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
lib/private/Accounts/AccountManager.php
View file

@ -741,6 +741,23 @@ class AccountManager implements IAccountManager {
if (!is_array($decoded) || ($decoded['subject'] ?? '') !== "acct:{$username}@{$instance}") {
throw new InvalidArgumentException();
}
// check for activitypub link
if (is_array($decoded['links']) && isset($decoded['links'])) {
$found = false;
foreach ($decoded['links'] as $link) {
// have application/activity+json or application/ld+json
if (isset($link['type']) && (
$link['type'] === 'application/activity+json' ||
$link['type'] === 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"'
)) {
$found = true;
break;
}
}
if (!$found) {
throw new InvalidArgumentException();
}
}
} catch (InvalidArgumentException) {
throw new InvalidArgumentException(self::PROPERTY_FEDIVERSE);
} catch (\Exception $error) {